package cn.itcast.web.controller;

import cn.itcast.domain.system.Module;
import cn.itcast.domain.system.User;
import cn.itcast.service.system.ModuleService;
import cn.itcast.service.system.UserService;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;

import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.RequestMapping;

import java.util.List;


@Controller
public class LoginController extends BaseController {
    @Autowired
    private UserService userService;

    @Autowired
    private ModuleService moduleService;
//    @RequestMapping("login")
//    public  String login(String email,String password){
//        //1.判断用户是否输入账号密码，若没有则跳回登陆页面
//        if (StringUtils.isEmpty(email)&& StringUtils.isEmpty(password)){
//            return "forward:login.jsp";
//        }
//
//        //否则通过email去查找user表
//       User user= userService.loginUser(email);
//        if (user!=null){
//            if (user.getEmail().equals(email)&&user.getPassword().equals(password)){
//                //登陆成功
//                session.setAttribute("loginUser",user);
//             //根据用户登陆的id去查询权限
//                List<Module> moduleByUserId =moduleService.findModuleByUserId(user.getId());
//                session.setAttribute("modules",moduleByUserId);
//                return "home/main";
//            }
//
//        }
//            //登陆失败
//            request.setAttribute("error","用户名或者密码错误");
//            return "forward:login.jsp";
//
//
//    }


    @RequestMapping("login")
    public String login(String email, String password) {

        //1.判断用户是否输入账号密码，若没有则跳回登陆页面
        if (StringUtils.isEmpty(email) && StringUtils.isEmpty(password)) {
            return "forward:login.jsp";
        }
        try {
            //通过shiro实现登陆验证    关键代码：subject.login(token);
            //1.创建subject对象表示当前用户
            Subject subject = SecurityUtils.getSubject();
            //2.创建出token，将用户登陆的账户和密码封装进去
            AuthenticationToken token = new UsernamePasswordToken(email, password);
            //3.登陆验证,认证失败会报错
            subject.login(token);


            //4.登陆认证成功
            //1.获取认证的用户
            User user = (User) subject.getPrincipal();
            //2.保存用户，查询用户权限并保存
            session.setAttribute("loginUser", user);
            //3.查询用户的权限保存
            List<Module> moduleList = moduleService.findModuleByUserId(user.getId());
            session.setAttribute("modules", moduleList);

            //跳转到主页
            return "home/main";
        } catch (AuthenticationException e) {
            e.printStackTrace();
            //登陆认证失败，跳转到登陆页面
            request.setAttribute("error", "用户名或密码错误");
            return "forward:/login.jsp";

        }
    }

        @RequestMapping("home")
        public String list () {
            return "home/home";
        }


        @RequestMapping("/logout")
        public String logout () {

             //清空shiro的认证信息
            SecurityUtils.getSubject().logout();
            //删除session里面的登陆信息
            session.removeAttribute("loginUser");
            //注销session
            session.invalidate();
            //请求转发
            return "forward:login.jsp";
        }
    }


